From 2a95f3171681ee53c97ccba9d80f4454b462aaa7 Mon Sep 17 00:00:00 2001
From: Andrea Shepard <andrea@torproject.org>
Date: Sat, 15 Jun 2013 02:16:00 -0700
Subject: Disable middle relay queue overfill detection code due to possible
 guard discovery attack

---
 changes/bug9072 | 3 +++
 src/or/relay.c  | 5 +++++
 2 files changed, 8 insertions(+)
 create mode 100644 changes/bug9072

diff --git a/changes/bug9072 b/changes/bug9072
new file mode 100644
index 0000000000..e594a38335
--- /dev/null
+++ b/changes/bug9072
@@ -0,0 +1,3 @@
+  o Critical bugfixes:
+    - Disable middle relay queue overfill detection code due to possible
+      guard discovery attack, pending further analysis.  Fixes bug #9072.
diff --git a/src/or/relay.c b/src/or/relay.c
index 087459c5c0..fdb4bff709 100644
--- a/src/or/relay.c
+++ b/src/or/relay.c
@@ -2548,6 +2548,10 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
     streams_blocked = circ->streams_blocked_on_p_conn;
   }
 
+  /*
+   * Disabling this for now because of a possible guard discovery attack
+   */
+#if 0
   /* Are we a middle circuit about to exceed ORCIRC_MAX_MIDDLE_CELLS? */
   if ((circ->n_conn != NULL) && CIRCUIT_IS_ORCIRC(circ)) {
     orcirc = TO_OR_CIRCUIT(circ);
@@ -2566,6 +2570,7 @@ append_cell_to_circuit_queue(circuit_t *circ, or_connection_t *orconn,
       }
     }
   }
+#endif
 
   cell_queue_append_packed_copy(queue, cell);
 
-- 
cgit v1.2.3-54-g00ecf